NAME

Status_Board - A simple web based status tracking tool.

SYNOPSIS

 http://www.webserver.com/cgi-bin/status_board.pl
 http://www.webserver.com/cgi-bin/status_board.pl?function=config
 http://www.webserver.com/cgi-bin/status_board.pl?src=datafile

DESCRIPTION

Status Board is a customizable tool that allows you to track various information on any number of users. It is inherintly unsecure, but can be used in situations where the general population can be trusted, or where the information is of low importance.

INFORMATION

Author: Mike Bobbitt (Mike@Army.ca) Contributions by Duncan Sutter: Some clean-up and allowing the timestamps to be optional by entry.

See http://Perl.Bobbitt.ca for updates and information. If you have any questions about this, feel free to contact me. I'll help out as much as I can.

REVISION HISTORY

 99/02/08 - V1.0 - Initial Release.
 99/02/09 - V1.1 - Radio buttons and NOTES text no longer mutually exclusive, added logging.
 99/01/10 - V1.2 - Added e-mail addresses.
 99/02/11 - V1.3 - Can specify status file through web (../status_board.pl?src=textfile).
 99/02/12 - V1.4 - Made statuses definable.
 99/03/25 - V1.5 - Made status types definable, fixed tabindex problem, placed all status info into the source file.
 99/04/14 - V1.6 - Changed format of status file to use delimiters.
 99/05/03 - V1.7 - Changed to use generic data for all entries.
 99/05/06 - V2.0 - Added ability to have multiple pages through data file.
 99/05/28 - V2.1 - Now checks to see if submission is stale via hidden date field.
 99/07/20 - V2.2 - Removes $delim from posted values to avoid corruption, removed LDAP references.
 99/08/31 - V2.3 - Added ability to turn on debugging from URL (../secdev_status.pl?debug=1). Entries will change colour if not updated recently, and change colour again if they're "really old." (Old is 24 hours, and really old is 48 hours by default).
 99/10/12 - V2.4 - Made text box sizes definable. Added ability to use "textarea" fields.
 00/01/06 - V2.4a- Pattern macthing charaters (|[]()!+* etc) no longer cause timestamp to update, even when the entry containing the charaters wasn't modified.
 00/01/21 - V2.5 - Can now have the tool automatically check everyone "out" at a given time, added cascading style sheets and colour definitions
 00/04/06 - V2.5a- Fixed minor colour issues
 00/05/10 - V2.6 - HTML tags are now allowed in names (so you can click on a user's name and go to their page)
 00/07/19 - V2.7 - Added "Reload" button, buttons can be images
 00/08/14 - V2.8 - Updated look and feel slightly, can now drop time from the datestamp fields, moved most settings out to config file
 00/08/22 - V3.0 - Can now configure most variables through a web interface: ../status_board.pl?function=config
 00/08/31 - V3.1 - Added debug levels for easier debugging. UNFINISHED: Can now protect entries with a password (not very secure - they're plaintext for now...)
 01/03/20 - V3.2 - Added the ability for "read only" text fields. Once data is submitted, it is added to a display only section. Good for news pages.
 01/03/21 - V3.3 - Respects Style Sheet settings in a more appropriate manner. The included .css is updated.

TO DO

 - use Cookies to record what entry a person edits. Highlight that entry from then on (or something like that)
 - Merge all settings into the config file (including individual page settings)
 - Password protect configuration updates
 - Write out a default configuration file if none is present
 - Show description of config items from comments in .cfg
 - Must set size for read only textareas. (Shouldn't be that way...)

(I have also added the code TODO to the code, wherever there is work in progress...)

DATA FILES

Data files define the ``schema'' of what to display for a given page.

The following is the format of a data (.data) file:

 Group Title
 List of Field Codes
 List of Field Descriptions
 List of Field Types: radio|checkbox|text[SIZE]|datestamp|textarea[ROWSxCOLS][RO]
 Other pages to display (one per line)...

Lines 2-4 are multi-valued and associated, so that the first value in line 2 goes with the first value in lines 3 and 4. The second value in line 2 goes with the second value in lines 3 and 4, an so on... The ``RO'' designation on the textarea makes it read only. Once data is submitted, it can not be modified through the web form.

For example, a data file could contain:

 Cipher Logic Canada Inc
 Status Status  Status  Notes   AsOf
 In     Out     Work<br>@Home   Notes   As Of
 radio  radio   radio   text    datestamp
 Departmental News      cipher_news
 This Weeks Calendar    cipher_weekly
 Contact Information    cipher_contact
 Recurring Schedule     cipher_schedule

Note that this uses tabs as field delimiters, so it may be a little hard to read.

In the above example, you would also need to have a cipher_news.data, cipher_weekly.data, cipher_contact.data, and cipher_schedule.data file as well.

TEXT FILES

For each data file, you need to have a corresponding text file. This file contains the actual information to be displayed in the editable fields of the form.

The following is the format of a text (.txt) file:

 [HOME PAGE]    [PASSWORD]      User's Name     Field1  Field2  Field3...
 [HOME PAGE]    [PASSWORD]      User's Name     Field1  Field2  Field3...
 ... and so on...

For example, a text file could contain:

 http://mywebsite.com   Mike Bobbitt    X                               957968519
 PWD:fsdkjh43f          Some Guy        X               Vacation        957917573
 http://mywebsite.com   PWD:mypassword          Some Other Guy          X       Notes here      957917573
 ... and so on...

DEPENDANCIES

This script relies on having the IniFiles.pm package installed on your system. You can obtain this package from CPAN or from the author's site directly:

 http://dev.rcbowen.com/iniconf/

To install it, simply copy it somewhere in the PERL search path. (Into the lib directory, for example.)

METHODS

setDate()

 $datestr=setDate($convtime,$return_seconds);
 $datestr        - date and time
 $convtime       - unixtime value which is used to set $datestr (optional)
 $return_seconds - 1=YYYY/MM/DD HH:MM:SS, 0=YYYY/MM/DD HH:MM

Converts $convtime into a human readable format and returns it as $datestring. If $convtime is not provided, the current time is returned. If $return_seconds has a value, then the time includes seconds.

error()

 error($error_code,$error_data);
 $error_code - A pre-defined code indicating a specific error condition
 $error_data - Any additional data, usually a string

Displays an error message and exits.

logit()

 logit($log_message);
 $log_message - String to print to the log file

Prints a message to the log file.

debug()

 debug($debug_message,$debug_level);
 $debug_message - String to print if debugging is on
 $debug_level - Only pring string if current debug level is $debug_level or higher (current debug level is set by $debug)

Prints a message, if $debug has a value.

loadConfig()

 loadConfig($configfile);
 $configfile - Location of configuration file

Loads data elememts from the configuration file.

functionShowConfig()

 functionShowConfig();

Display data elememts from the configuration file in an HTML form for configuration.

functionSaveConfig()

 functionSaveConfig();

Save data elememts from the web form to the configuration file.

buildFooter()

 buildFooter();

Build the $footer string.

buildHeader()

 buildHeader();

Build the $header string.

debugConfig()

 debugConfig();

Dumps out the contents of the configuration file, if loaded, and if debugging is on.

checkPassword()

 checkPassword($password);
 $password - The user's inputted password

Compares the encrypted value of $password with the user's stored password ($pwd). Returns 1 if passwords match, 0 otherwise.